---
# tasks file for roles/podman
# Installs the community.general collection with the ansible-galaxy CLI; the
# role needs it for the community.general.podman_container module used below.
# changed_when: false makes the task always report "ok": the command module
# cannot tell whether anything was installed, so idempotency is handled here.
# NOTE(review): no delegate_to is set, so this runs on whatever host the play
# targets, and it pulls an unpinned version on every run. Collections are
# normally installed on the controller from a pinned requirements file;
# confirm this is intended.
- name: Ensure Ansible community.general collection is installed
  ansible.builtin.command:
    cmd: ansible-galaxy collection install community.general
  changed_when: false
# Installs the nfs-common package through apt, refreshing the package cache
# as part of the same task.
- name: Ensure NFS client utilities are installed
  ansible.builtin.apt:
    update_cache: true
    name: nfs-common
    state: present
# Creates the directory at podman_data_mount_point, owned by root:root with
# mode 0755.
- name: Create local mount point for Podman NFS data
  ansible.builtin.file:
    state: directory
    path: "{{ podman_data_mount_point }}"
    owner: root
    group: root
    mode: "0755"
# Mounts the NFS export <podman_nfs_server>:<podman_nfs_share_path> at
# podman_data_mount_point; per the task name, the entry is also kept in
# /etc/fstab.
# 'nofail' keeps the boot process from stopping when the NFS server is
# unreachable.
# NOTE(review): the option list sets neither nosuid nor nodev and no sec=
# flavor, so files on the export are honoured with whatever ownership and
# mode the server presents. Confirm the export is trusted, and whether
# anything stored on it needs setuid or device nodes, before tightening.
- name: Ensure Podman NFS share is mounted and configured in /etc/fstab
  ansible.posix.mount:
    state: mounted
    fstype: nfs
    src: "{{ podman_nfs_server }}:{{ podman_nfs_share_path }}"
    path: "{{ podman_data_mount_point }}"
    opts: defaults,hard,intr,noatime,nofail
# Installs Podman and its companion tools through apt, refreshing the package
# cache as part of the same task.
- name: Install Podman and related tools
  ansible.builtin.apt:
    update_cache: true
    state: present
    name:
      - podman
      # Provides a Docker-compatible CLI interface
      - podman-docker
      # Tool for building OCI images
      - buildah
      # Tool for moving and copying container images
      - skopeo
# Starts podman.socket and enables it at boot, so the Podman socket is
# available for communication, in particular for tools such as Portainer
# that connect to it.
# NOTE(review): no user scope is set, so this looks like the system-wide
# (rootful) socket; any process that can reach it can presumably manage
# containers as root. Confirm who has access to the socket path.
- name: Ensure Podman systemd socket is enabled and running
  ansible.builtin.systemd:
    name: podman.socket
    enabled: true
    state: started
# Creates the directory at portainer_data_path, owned by root:root with mode
# 0755; the Portainer task bind-mounts it into the container as /data.
# NOTE(review): /data presumably holds Portainer's database and keys, and 0755
# lets every local user list and read it; consider 0700 after confirming how
# the NFS export maps root (root_squash).
- name: Create Portainer data directory on NFS share
  ansible.builtin.file:
    state: directory
    path: "{{ portainer_data_path }}"
    owner: root
    group: root
    mode: "0755"
# Starts the Portainer container with restart policy "always" and publishes
# container ports 8000 (edge agent), 9443 (web) and 9000 (legacy) on the host
# ports given by the portainer_*_port variables.
# The module is idempotent by nature and gives better state management than a
# raw command. It needs its collection installed, e.g. with
# `ansible-galaxy collection install community.general`.
# NOTE(review): podman_container is, as far as I know, published in the
# containers.podman collection; confirm that
# community.general.podman_container resolves with the installed collections.
# NOTE(review): bind-mounting the Podman socket lets the container drive the
# host's Podman API, so a compromise of Portainer is likely equivalent to root
# on this host. The port mappings carry no host address, so they presumably
# listen on all interfaces, including the legacy port (plain HTTP in
# Portainer's defaults, to be confirmed). Consider restricting the listen
# address or firewalling, and pinning portainer_image by digest.
- name: Run Portainer container with Podman (using podman_container module)
  community.general.podman_container:
    name: "{{ portainer_name }}"
    image: "{{ portainer_image }}"
    state: started
    restart_policy: always
    ports:
      - "{{ portainer_edge_agent_port }}:8000"
      - "{{ portainer_web_port }}:9443"
      - "{{ portainer_legacy_port }}:9000"
    volume:
      # Map Podman socket to Docker socket path for Portainer compatibility
      - "/run/podman/podman.sock:/var/run/docker.sock"
      - "{{ portainer_data_path }}:/data"